gLExec is a program that acts as a light-weight 'gatekeeper'. gLExec takes Grid credentials as input. gLExec takes the local site policy into account to authenticate and authorize the credentials. gLExec will switch to a new execution sandbox and execute the given command as the switched identity. gLExec is also capable of functioning as a light-weight control point which offers a binary yes/no result called the logging-only mode.
Deployment: Installation and setups
- gLExec on the Worker Nodes or Computing Element
- Deployment Scenarios in EGEE and OSG
- Secure installation considerations
- Debugging hints
How To's and FAQ
- To help you master gLExec's security:
- Need to Know's: Explains about the LD_LIBRARY_PATH in combo with setuid programs.
- Proxy file handling in gLExec What do all the environment variables do with proxy files
- GLExec TransientPilotJobs describes how you may go about managing a target workload's directory in Pilot Job Frameworks.
- GLExec Environment Wrap and Unwrap scripts describes how you can preserve the environment variables between the calling process of gLExec and the user switched side of gLExec. For example: to preserve the environment variables from a Pilot Job Framework, through gLExec and into Pilot Job Payload.
- Building gLExec from src rpm How to build gLExec from a .src.rpm